function wms_proxy($contexteId) { global $app; $httprequest = new Phalcon\Http\Request(); $httprequest->setDI($app->getDI()); //Possible sanitize filters: string, email, int, float, alphanum, striptags, trim, lower, upper $filter = new \Phalcon\Filter(); if ($httprequest->isGet() || $httprequest->isPost()) { $datain = $httprequest->get(); $data = array(); foreach ($datain as $key => $value) { $data[strtoupper($key)] = $value; } $service = $filter->sanitize($data["SERVICE"], array("string", "upper")); $request = $filter->sanitize($data["REQUEST"], array("string", "upper")); } else { // TODO : Gérer l'erreur, on ne peut appeler un service wms en put ou en delete. error_log("not a get or a post?"); return; } error_log("service: {$service}, request: {$request}"); if ($service === "WMS") { $config = $app->getDI()->get("config"); $mapserver = $config['mapserver']['host'] . $config['mapserver']['mapserver_path'] . $config['mapserver']['executable']; $contexte = IgoContexte::findFirst("id='{$contexteId}'"); $map = $config['mapserver']['mapfileCacheDir'] . $config['mapserver']['contextesCacheDir'] . $contexte->code . ".map"; $method = $httprequest->getMethod(); $data = $httprequest->get(); $data["MAP"] = $map; $response = null; switch ($request) { case "GETCAPABILITIES": $response = proxy_request($mapserver, $data, $method); // Devrait-on enlever les couches non permises en lecture de la réponse.? C'est probablement trop complexe... break; case "GETMAP": case "GETFEATUREINFO": case "DESCRIBELAYER": case "GETLEGENDGRAPHIC": $authentificationModule = obtenirAuthentificationModule(); if ($authentificationModule === null) { $response = proxy_request($mapserver, $data, $method); } else { if (isset($data["LAYERS"])) { $couches = explode(",", $data["LAYERS"]); } else { $couches = explode(",", $data["LAYER"]); } foreach ($couches as $couche) { $igoVueContexteCoucheNavigateur = IgoVueContexteCoucheNavigateur::findFirst("mf_layer_name='{$couche}'"); $coucheContexte = array($igoVueContexteCoucheNavigateur); if ($igoVueContexteCoucheNavigateur === false) { $coucheContexte = IgoVueContexteCoucheNavigateur::find("mf_layer_group='{$couche}' and contexte_id='{$contexteId}'"); } if (count($coucheContexte) === 0) { // L'utilisateur essaie d'appeler la couche root du mapfile qui consiste à toutes les couches. // Nous interdissons ce type d'appels pour le moment. die("Forbidden"); } $estPermis = false; foreach ($coucheContexte as $igoVueContexteCoucheNavigateur) { $permission = obtenirPermission($igoVueContexteCoucheNavigateur->couche_id); if ($permission !== null && $permission->est_lecture) { $estPermis = true; break; } } if (!$estPermis) { die("Forbidden"); } } $response = proxy_request($mapserver, $data, $method); } break; default: break; } $headerArray = explode("\r\n", $response["header"]); foreach ($headerArray as $headerLine) { header($headerLine); } echo $response["content"]; } else { die("Seul les services WMS sont pris en charge par ce proxy."); } }
} else { $ip = $_SERVER['REMOTE_ADDR']; //echo "REMOTE_ADDR: ".$ip; } $req_parts = parse_url($_SERVER['HTTP_REFERER']); // IF domain name matches the authorized domain, proceed with request. if ($RequestDomain == '' || $req_parts["host"] == $RequestDomain) { $method = $_SERVER['REQUEST_METHOD']; if ($method == "GET") { $data = $_GET; } elseif ($method == "POST" && count($_POST) > 0) { $data = $_POST; } else { $data = $HTTP_RAW_POST_DATA; } $response = proxy_request($destinationURL, $method == "GET" ? $_GET : $_POST, $method); $headerArray = explode("\r\n", $response['header']); $is_gzip = false; $is_chunked = false; foreach ($headerArray as $headerLine) { // Toggle gzip decompression when appropriate. if ($headerLine == "Content-Encoding: gzip") { global $is_gzip; $is_gzip = true; // Toggle chunk merging when appropriate } elseif ($headerLine == "Transfer-Encoding: chunked") { global $is_chunked; $is_chunked = true; } else { // todo: Find out why this doesn't work (removes all contents!) // header($headerLine, FALSE);